Intel(R) SGX DCAP 1.22 Release

Upgraded Intel DCAP Quote Verification Enclave to integrate OpenSSL/SgxSSL 3.0.14.

Removed Intel DCAP PCCS from repository.

Added Ubuntu* 24.04 LTS 64-bit Server support.

Fixed bugs.

Note that PCCS is not available from this release. Please follow DCAP installation guide to use PCCSAdminTool to retrieve the attestation collaterals or use old version PCCS.

Intel(R) SGX DCAP 1.21 Release

Upgraded Intel DCAP Ring3 Abstraction Layer(R3AAL) library to support ConfigFS-TSM as communication channel between host and guest for TDX remote attestation.

Upgraded Intel DCAP Quote Verification Enclave to integrate OpenSSL/SgxSSL 3.0.13.

Upgraded new TDX attestation result “TD_RELAUNCH_ADVISED” in Intel DCAP Quote Verification Library(QVL) and Appraisal Engine.

Fixed bugs.

Intel(R) SGX DCAP 1.20 Release

Introduced the Intel DCAP Appraisal Engine within quote verification library, empowering users to evaluate verification results against diverse policies.

Upgraded Intel SGX Quote Verification Enclave to integrate OpenSSL/SgxSSL 3.0.12.

Added Rust wrapper for quote provider library APIs.

Fixed bugs.

Intel(R) SGX DCAP 1.19 Release

Resigned all Intel SGX Architecture Enclaves.

Upgraded Intel SGX Quote Verification Enclave to integrate OpenSSL/SgxSSL 3.0.10.

Added Attestation Library support for Intel(R) TDX Migration TD.

Added Rust wrapper for low-level Quote Generation APIs.

Enabled SE_TRACE log in release binary.

Updated Rust QVL wrapper to use native Rust structure for quote verification collateral.

Added a limitation in the DCAP QVL to only allow the user to set the QvE load policy once.

Fixed bugs.

Intel(R) SGX DCAP 1.18 Release

Introduced Intel(R) TDX 1.4 and 1.5 support.

Upgraded Ring3 Abstraction Layer (R3AAL) library to support Intel(R) TDX MVP 6.2 kernel.

Enhanced quote verification performance in multi-thread scenarios.

Upgraded Intel(R) SGX Quote Verification Enclave to integrate latest OpenSSL/SgxSSL 1.1.1u.

Fixed bugs.

Intel(R) SGX DCAP 1.17 Release

Applied CVE-2023-1255, CVE-2023-0465, and CVE-2023-0466 patches to SgxSSL/OpenSSL 1.1.1t.

Upgraded to Intel(R) Integrated Performance Primitives (IPP) Cryptography library version 2021.7.

Upgraded Intel SGX Quote Verification Enclave to integrate updated SgxSSL.

Enhanced the attestation local cache functionality by giving users the option to provide their own cache file.

Enabled QPL/QCNL log in DCAP samples.

Fixed bugs.

Intel(R) SGX DCAP 1.16 Release

Upgraded Intel SGX Quote Verification Enclave to integrate SgxSSL/OpenSSL version 1.1.1t.

Added new API in quote verification library to extract FMSPC (Family-Model-Stepping-Platform-CustomSKU) value from ECDSA quote.

Added Rust support for SGX ECDSA quote generation.

Added Linux kernel 5.19 support in TDX R3AAL (Ring 3 Attestation Abstraction Layer).

Removed Protobuf in TDX QGS (Quote Generation Service) and R3AAL (Ring 3 Attestation Abstraction Layer).

Fixed bugs.

Intel SGX DCAP 1.15 Open Source Release

Upgraded Intel SGX Quote Verification Enclave to integrate SgxSSL/OpenSSL version 1.1.1q.

Upgraded Intel SGX QE3 to make it backward compatible.

Improved ECDSA quote generation and verification performance by caching PCK certificates and collaterals in memory and disk drive.

Added Java support for quote verification library.

Added new APIs to unify Intel SGX and TDX quote verification in Quote Verification Library.

Added Advisory ID in ECDSA quote verification supplemental data.

Added Intel TDX support in RA-TLS (Remote Attestation based TLS) library.

Improved TDX quote generation throughput in vsock mode.

Added Rust support for TDX quote generation.

Added support for the Linux kernel APIs for the Enclave Dynamic Memory Management (EDMM) features that are available with the Linux kernel v6.0 or later. Refer to the SGX SDK developer reference for details on new trusted APIs and enclave configuration for the EDMM features.

Fixed bugs.

Intel SGX DCAP 1.14 Open Source Release

Re-signed all the Intel SGX Architecture Enclaves (AEs) to address CVE-2022-21123, CVE-2022-21125 and CVE-2022-21166.

Added Intel TDX Attestation support.

Added Rust support for ECDSA quote verification.

Upgraded Intel ECDSA Quote Verification Enclave to integrate SgxSSL/OpenSSL version 1.1.1o.

Fixed bugs.

Intel SGX DCAP 1.13 Open Source Release

Enhanced QPL (Quote Provider Library) to support caching Intel PCK(Provisioning Certificate Key) certificate chain in local memory, or retrieving Intel PCK cert chain from local HTTP/S address.

Upgraded Intel ECDSA Quote Verification Enclave to integrate SgxSSL/OpenSSL version 1.1.1m.

Introduced Intel ID enclave for QE identity generation.

Fixed bug.